Full Disclosure mailing list archives

Re: What the f*** is going on?

From: Fredrick Diggle <fdiggle () gmail com>
Date: Thu, 24 Feb 2011 21:30:39 -0800

I'm the first one among many who want to learn RE and low level things,
but I think both of the sides are complex enough.


I am not sure if you follow the teachings of Fredrick Diggle but to
paraphrase you may imagine security as a disc. On one side you have web app
security (for illustrative purposes let us imagine this thusly)

         , - ~ ~ ~ - ,
     , '               ' ,
   ,                       ,
  ,                         ,
 ,                           ,
 ,          alert()          ,
 ,                           ,
  ,                         ,
   ,                       ,
     ,                  , '
       ' - , _ _ _ ,  '


On the other side you have low level security with mountains of stale
objects and ROP payloads cascading over waterfalls of executable pages. We
flip the disc over and envision this...

         , - ~ ~ ~ - ,
     , '               ' ,
   ,                       ,
  ,                         ,
 ,                           ,
 ,        MOV al, 0x0b       ,
 ,                           ,
  ,                         ,
   ,                       ,
     ,                  , '
       ' - , _ _ _ ,  '


Now your average hacker is handed this disc and stares intently at a side.
The swirling colors, the endless complexity, it becomes all engrossing. But
the Diggle teaches that we must examine a side only for a time, we then flip
the disc and appreciate the majesty that is the flip side. Then after a
similar period another flip and another and another until the two sides
blend into a single sphere. only then does the student realize that the
target system encompasses all of this and that the alert box is simply an
object which can be used after free() like any other.

Tangentially, I prefer to look at this sphere after drinking thus seeing two
of them side by side.

         , - ~ ~ ~ - ,                  , - ~ ~ ~ - ,
     , '               ' ,          , '               ' ,
   ,                       ,      ,                       ,
  ,                         ,    ,                         ,
 ,                           ,  ,                           ,
 ,        MOV al, 0x0b       ,  ,        MOV al, 0x0b       ,
 ,                           ,  ,                           ,
  ,                         ,    ,                         ,
   ,                       ,      ,                       ,
     ,                  , '         ,                  , '
       ' - , _ _ _ ,  '               ' - , _ _ _ ,  '


Fredrick Diggle Esq.

YAY!

Isn't your colleague Michal more focused on web app security nowadays?


Cheers
antisnatchor

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

What the f*** is going on? Pietro de Medici (Feb 22)
- Re: What the f*** is going on? Michal Zalewski (Feb 22)
  - Re: What the f*** is going on? root (Feb 22)
  - Re: What the f*** is going on? Charles Morris (Feb 22)
    - Re: What the f*** is going on? Michal Zalewski (Feb 22)
    - Re: What the f*** is going on? Chris Evans (Feb 22)
    - Re: What the f*** is going on? Michele Orru (Feb 23)
    - Re: What the f*** is going on? Chris Evans (Feb 24)
    - Re: What the f*** is going on? Fredrick Diggle (Feb 24)
    - Re: What the f*** is going on? jf (Feb 22)
    - Re: What the f*** is going on? Pietro de Medici (Feb 23)
  - Re: What the f*** is going on? jf (Feb 22)
    - Re: What the f*** is going on? Michal Zalewski (Feb 22)
    - Re: What the f*** is going on? jf (Feb 22)
    - Re: What the f*** is going on? Michal Zalewski (Feb 22)
    - Re: What the f*** is going on? jf (Feb 22)
    - Re: What the f*** is going on? coderman (Feb 22)
    - Re: What the f*** is going on? jf (Feb 22)
- <Possible follow-ups>
- Re: What the f*** is going on? Michal Zalewski (Feb 22)

(Thread continues...)